﻿<%@ codepage=65001%><% 'UTF-8%><% '用户管理%>
<!--#include file="../Include/Common.All.asp"-->
<!--#include file="../Include/Conn.asp"-->
<% call OpenConn%>

<!--#include file="../Include/Common.Security.asp"-->
<!--#include file="../Include/MD5.asp"-->
<!--#include file="../Include/JSON_2.0.2.asp"-->
<!--#include file="../Include/JSON_UTIL_0.1.1.asp"-->



<%

	'定义json对象
	Dim jsonObj,jsonObj_user
	Set jsonObj = jsObject()
	Set jsonObj_user = jsObject()
	UserID=ReplaceBadChar(Trim(Session("UserID")))
	
	dim act 
  act=request("act")
 	Dim rsObj,strSql
	 	''定义查询字段变量
 	dim id,UserID,UserPassword,	UserName,TrueName,HomePhone,Mobile,Email,RegTime,UserType,Address,IDCard,Sex 


 	
	''查询信息列表
	if "search"=act then
		UserID=ReplaceBadChar(Trim(request.Form("UserID")))
		UserName=ReplaceBadChar(Trim(request.Form("UserName")))
				
		jsonObj("rslist") = ""
		''添加用户信息
		jsonObj_user("UserID") = UserID 
		jsonObj_user("UserName") =ReplaceBadChar(Trim(Session("UserName")))
		Set jsonObj("customer") = jsonObj_user 
	 
		''添加查询结果信息
		''Dim rsObj,strSql
		strSql = "SELECT *  FROM PE_User "   & "WHERE 1=1 "
		If (UserID <> "") Then strSql=strSql & " and UserID like '%" & UserID & "%'  "
		If (UserName <> "") Then strSql=strSql & " and UserName like '%" & UserName & "%'  "
		Set jsonObj("rslist") = QueryToJSON(Conn, strSql) 
	 		
 elseif "edit"=act then
 			jsonObj("msg") = "操作失败，请重试..."
			jsonObj("success") = 0'"false"

''修改信息

			UserID=ReplaceBadChar(Trim(request.Form("UserID")))
			UserName=ReplaceBadChar(Trim(request.Form("UserName")))
			HomePhone=ReplaceBadChar(Trim(request.Form("HomePhone")))
			Mobile=ReplaceBadChar(Trim(request.Form("Mobile")))
			Email=ReplaceBadChar(Trim(request.Form("Email")))			
			UserType=ReplaceBadChar(Trim(request.Form("UserType")))			
			Address=ReplaceBadChar(Trim(request.Form("Address")))			
			IDCard=ReplaceBadChar(Trim(request.Form("IDCard")))			
			Sex=ReplaceBadChar(Trim(request.Form("Sex")))			
			TrueName=ReplaceBadChar(Trim(request.Form("TrueName")))			
   
			''Dim rsObj,strSql
			set rsObj=Server.CreateObject("ADODB.Recordset")
			strSql = "Select  * from PE_User where UserID='"&UserID&"' "
			''Response.Write strSql&"-----"
			rsObj.Open strSql, Conn, 1, 3
			If rsObj.BOF And rsObj.EOF Then 
				jsonObj("msg") = "操作失败，请重试..." 
				jsonObj("success") = 0'"false"
			else								
				rsObj("HomePhone") = HomePhone
				rsObj("Mobile") = Mobile
				rsObj("Email") = Email
				rsObj("UserType") = PE_CLng(UserType)
				rsObj("Address") = Address
				rsObj("IDCard") = IDCard
				rsObj("Sex") = Sex
				rsObj("TrueName") = TrueName
				Session("TrueName")=TrueName 
				rsObj.Update
			 
				jsonObj("msg") = "添加成功，正在跳转..."
				jsonObj("success") = 1'"success"
				jsonObj("url") = "profile.asp"
	 		end if	
			rsObj.close
			Set rsObj = Nothing
 
 elseif "delete"=act then
''删除记录
		UserID=ReplaceBadChar(Trim(request.Form("UserID"))) 
    Dim  RowCount 
    RowCount = 0
    If (id <> "" ) Then 
    	Conn.Execute ("delete from PE_User where UserID='"&UserID&"'"), RowCount
    End If
    If RowCount = 0 Then
        jsonObj("success") = 0 'false
        jsonObj("msg") = "记录删除失败。" 
    Else
        jsonObj("msg") = "删除成功，正在跳转..." 
				jsonObj("success") = 1'"success"
				jsonObj("url") = "profile.asp"
    End If
  

	end If''''删除记录
 

	'输出json对象
	jsonObj.Flush
	''Response.Write strSql&"-----"
 '释放数据库链接
	call CloseConn

''{
''    rslist : [ { name: "mac", desc: "computer",     
''                   price: 1000, quantity: 100, alert:null },
''                 { name: "ipod", desc: "music player", 
''                   price:  200, quantity: 200, alert:"on sale now!" },
''                 { name: "cinema display", desc: "screen",       
''                   price:  800, quantity: 300, alert:"best deal!" } ],
''    customer : { first: "John", last: "Public", level: "gold" }
''}

%>